Re: Transition: new PAM config file handling in unstable

[Sam Hartman <hartmans@debian.org>]

>>>>> "Joey" == Joey Hess <joeyh@debian.org> writes:

    Joey> Steve Langasek wrote:
    >> - It will now be possible to choose md5 vs. crypt passwords at
    >> install time without violating policy.  (Currently, a number of
    >> conffiles are being modified by maintainer scripts in order to
    >> enable md5 passwords.)  Actually making this process
    >> policy-compliant will require changes to a number of other
    >> packages prior to release.

    Joey> It's great to finally have this. Have you considered doing
    Joey> something to ease upgrades of systems whose admins chose to
    Joey> enable md5 passwords via passwd's debconf questions?

Unfortunately I have some bad news for you.

Karl (login maintainer) and I have decided that there will be no
question for sarge and that md5 passwords will be used by default.


Once there are tools for automated manipulation of the pam config
files, then it will be a configuration decision of libpam-modules what
the default passwd configuration for pam_unix is.

If debconf is available then the user will be asked; otherwise the
default will not be changed.

But I don't have time to review a design or to do the design myself
for sarge.